Manager, Information Security - MoneyGram
Dallas, TX 75201
About the Job
DescriptionJob SummaryThe Manager of Information Security leads information security initiatives for the Company
As the Manager of Information Security, you will be at the forefront of safeguarding MoneyGram’s systems and data
Your primary responsibility will be to lead a team in ensuring the integrity, confidentiality, and availability of our systems and data through proactive vulnerability management, robust application security practices, and efficient detection of security events
You will play a pivotal role in enhancing our security posture by managing third-party penetration testing activities and ensuring the timely remediation of any findings
Primary ResponsibilitiesLead a vulnerability management program that ensures vulnerabilities are detected, assessed for severity, and remediated in accordance with Company policies.Lead efforts to ensure application security is effectively incorporated into the SDLC
Drive efforts to incorporate threat intelligence into all information security processes, with a bias towards actionable intelligence.Partner with engineering teams to ensure that secure coding practices are implemented in accordance with application security standards
Conduct regular security assessments of applications to identify vulnerabilities and work with development teams to address findings.Manage engagements with third-party penetration testing vendors to assess the security posture of MoneyGram infrastructure and applications
Collaborate with security architects to ensure MoneyGram systems align with company information security policies and standards.Keep abreast of new and evolving security threats to ensure the Company remains adequately protected.Consults with business partners on security matters to ensure security efforts are aligned across the enterprise.Responds to regulatory and audit requests to support compliance initiatives.Performs other duties as assigned.EducationMinimum Required: Bachelor’s degree in computer science, Information Security or a related field; or equivalent experience
Certified Information System Security Professional (CISSP), CISA, CISM or equivalent certifications desired
ExperienceMinimum Required: 8+ years' Information Security experience.2+ years' experience managing direct reports; includes employee selection, motivation, coaching, and providing timely defensible constructive feedback.SkillsMinimum Required: Proven experience in information security domains of vulnerability management and application security.Knowledge of common security frameworks (NIST CSF, ISO) and regulatory requirements (PCI, GDPR, DORA)Technical expertise in application security tools and functions, including dynamic application security testing (DAST) and static application security testing (SAST)Hands-on experience with industry-leading vulnerability management tools such as Qualys, Nessus, or Rapid7, including configuration, tuning, and reporting.Deep understanding of common web application vulnerabilities (e.g., OWASP Top 10) and techniques for mitigating them.Familiarity with cloud security principles and best practices, particularly in assessing and securing cloud-based applications and infrastructure (e.g., AWS, Azure, GCP). BenefitsFlexible "Remote First" EnvironmentGenerous PTO13 Paid Holidays Medical / Dental / Vision InsuranceLife, Disability and other benefits401K with competitive employer matchCommunity Service DaysGenerous parental leaveSalaryAnticipated Base Pay: $160K - $175K + participation in our annual bonus plan.DisclaimerThe salary/pay rate listed is a good faith determination that may be offered to a successful applicant for this position at the time of this job advertisement based on company hiring process and budget for this role and may be modified in the future
Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.#LI-REMOTEQualificationsJob Field: Information SecurityOrganization: Information TechnologySchedule: Full-timeTravel: Yes, 10 % of the Time
As the Manager of Information Security, you will be at the forefront of safeguarding MoneyGram’s systems and data
Your primary responsibility will be to lead a team in ensuring the integrity, confidentiality, and availability of our systems and data through proactive vulnerability management, robust application security practices, and efficient detection of security events
You will play a pivotal role in enhancing our security posture by managing third-party penetration testing activities and ensuring the timely remediation of any findings
Primary ResponsibilitiesLead a vulnerability management program that ensures vulnerabilities are detected, assessed for severity, and remediated in accordance with Company policies.Lead efforts to ensure application security is effectively incorporated into the SDLC
Drive efforts to incorporate threat intelligence into all information security processes, with a bias towards actionable intelligence.Partner with engineering teams to ensure that secure coding practices are implemented in accordance with application security standards
Conduct regular security assessments of applications to identify vulnerabilities and work with development teams to address findings.Manage engagements with third-party penetration testing vendors to assess the security posture of MoneyGram infrastructure and applications
Collaborate with security architects to ensure MoneyGram systems align with company information security policies and standards.Keep abreast of new and evolving security threats to ensure the Company remains adequately protected.Consults with business partners on security matters to ensure security efforts are aligned across the enterprise.Responds to regulatory and audit requests to support compliance initiatives.Performs other duties as assigned.EducationMinimum Required: Bachelor’s degree in computer science, Information Security or a related field; or equivalent experience
Certified Information System Security Professional (CISSP), CISA, CISM or equivalent certifications desired
ExperienceMinimum Required: 8+ years' Information Security experience.2+ years' experience managing direct reports; includes employee selection, motivation, coaching, and providing timely defensible constructive feedback.SkillsMinimum Required: Proven experience in information security domains of vulnerability management and application security.Knowledge of common security frameworks (NIST CSF, ISO) and regulatory requirements (PCI, GDPR, DORA)Technical expertise in application security tools and functions, including dynamic application security testing (DAST) and static application security testing (SAST)Hands-on experience with industry-leading vulnerability management tools such as Qualys, Nessus, or Rapid7, including configuration, tuning, and reporting.Deep understanding of common web application vulnerabilities (e.g., OWASP Top 10) and techniques for mitigating them.Familiarity with cloud security principles and best practices, particularly in assessing and securing cloud-based applications and infrastructure (e.g., AWS, Azure, GCP). BenefitsFlexible "Remote First" EnvironmentGenerous PTO13 Paid Holidays Medical / Dental / Vision InsuranceLife, Disability and other benefits401K with competitive employer matchCommunity Service DaysGenerous parental leaveSalaryAnticipated Base Pay: $160K - $175K + participation in our annual bonus plan.DisclaimerThe salary/pay rate listed is a good faith determination that may be offered to a successful applicant for this position at the time of this job advertisement based on company hiring process and budget for this role and may be modified in the future
Actual compensation may vary from posting based on geographic location, work experience, education and/or skill level.#LI-REMOTEQualificationsJob Field: Information SecurityOrganization: Information TechnologySchedule: Full-timeTravel: Yes, 10 % of the Time
Source : MoneyGram